Scans API
Trigger scans to run 150 analysis modules on your code and retrieve reports.
🎯 Not a Developer? Start Here
You don't need to write code yourself. Copy the prompts below and paste them into Claude, ChatGPT, Cursor, or any AI coding assistant. Your AI will read the docs and build what you need.
Step 1: Copy a prompt below
Step 2: Paste into your AI assistant
Step 3: AI builds it for you
⚡ NEW: Real-Time Session Polling
Watch your scan results stream in live as each module completes. No more waiting for all 150 modules to finish before seeing results!
Before: Wait 2-5 minutes for all modules, then see results
Now: See each module's results immediately as it finishes
Use /api/sessions for the new streaming experience.View Sessions API →
💡 Why This Matters
Every time you deploy code, you're taking a risk. The Scans API lets you automatically check for security vulnerabilities, code quality issues, and bugs before your users find them.
- →Catch bugs before deploy: Run a scan in your CI/CD pipeline and fail the build if critical issues are found
- →Monitor continuously: Schedule scans to run daily and catch issues from dependency updates
- →Stay secure: 62% of AI-generated code has vulnerabilities. Don't ship them to production.
Quick Start Prompts
Common scanning tasks you can accomplish with a single prompt.
🚀 Auto-Scan After Every Deploy
Automatically scan your code whenever you deploy and get alerted if critical issues are found.
Read the Bugrit Scans API docs at https://bugrit.com/docs/api-reference/scans
Add a post-deployment hook that triggers a security scan:
1. After successful deploy, POST to /api/v1/scans with:
- applicationId: from env.BUGRIT_APP_ID
- sourceType: "github"
- repoUrl: your repo URL
- branch: "main"
2. Poll GET /api/v1/scans/{scanId} until status is "completed"
3. Check response.summary.critical - if > 0, send Slack/email alert
4. Store BUGRIT_API_KEY in environment variables
Use my deployment script framework. Add error handling and logging.
My stack: [YOUR_STACK]👩💻 Technical Details (for developers)
API Endpoint
POST
/api/v1/scansExample Request
curl -X POST https://bugrit.com/api/v1/scans \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"applicationId": "app-abc123",
"sourceType": "github",
"repoUrl": "https://github.com/yourorg/yourrepo",
"branch": "main"
}'Response
{
"scan": {
"id": "scn-xyz789",
"applicationId": "app-abc123",
"status": "running",
"sourceType": "github",
"toolsTotal": 115,
"toolsCompleted": 0,
"createdAt": "2026-01-19T10:30:00Z",
"estimatedCompletion": "2026-01-19T10:31:00Z"
}
}🔄 GitHub Action for PR Checks
Block PRs with critical security issues automatically.
Read these Bugrit docs: - Scans API: https://bugrit.com/docs/api-reference/scans - CI/CD Integration: https://bugrit.com/docs/integrations/ci-cd Create a GitHub Action that runs on every PR: 1. Triggers on: pull_request to main branch 2. POST to /api/v1/scans with: - sourceType: "github" - repoUrl: from github.repository - branch: from github.head_ref (PR branch) - applicationId: from secrets.BUGRIT_APP_ID 3. Poll every 10 seconds until status is "completed" 4. Read summary.critical and summary.high from response 5. Add PR comment with scan summary (use GitHub API) 6. FAIL the check if critical > 0 or high > 3 Use secrets.BUGRIT_API_KEY for auth.
🌐 Scan Your Live Website
Check your production site for security headers, SSL issues, and more.
Read the Bugrit Scans API at https://bugrit.com/docs/api-reference/scans Create a scheduled job that scans my live site daily: 1. Run at midnight every day (cron job or scheduled task) 2. POST to /api/v1/scans with: - applicationId: my app ID - sourceType: "url" - targetUrl: "https://mysite.com" 3. Wait for completion (poll status) 4. If summary.critical > 0: - Send urgent alert to security team 5. Store results for trend tracking 6. Generate weekly security report email My stack: [YOUR_STACK]
👩💻 Technical Details (for developers)
Example: Scan a Live URL
curl -X POST https://bugrit.com/api/v1/scans \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"applicationId": "app-abc123",
"sourceType": "url",
"targetUrl": "https://your-app.com"
}'📊 Build a Scan Progress Dashboard
Show real-time scan progress with a nice UI.
Read the Bugrit Scans API at https://bugrit.com/docs/api-reference/scans
Build a scan progress component:
1. Trigger scan: POST /api/v1/scans (store returned scanId)
2. Poll GET /api/v1/scans/{scanId} every 3 seconds
3. Display progress bar: toolsCompleted / toolsTotal * 100
4. Show current status (pending/running/completed/failed)
5. When completed, show summary:
- Badge counts for critical (red), high (orange), medium (yellow), low (blue)
6. Button to view full report when done
7. Cancel button that calls DELETE /api/v1/scans/{scanId}
Use my existing component library.
My stack: [YOUR_STACK]Start a Scan
Trigger a New Scan
Submit your code or URL for analysis with 150 security and quality modules.
Read the Bugrit Scans API at https://bugrit.com/docs/api-reference/scans Add a "Scan Now" button to my app that: 1. On click, POST to /api/v1/scans with: - applicationId: the current project ID - sourceType: "github" (or "url" for live sites) - repoUrl: the repo URL (if github) - branch: "main" 2. Show loading indicator while scan runs 3. Poll for status every 5 seconds 4. When done, show results with severity counts 5. Link to full report Handle errors (auth, rate limits, validation). My stack: [YOUR_STACK]
👩💻 Technical Reference
POST
/api/v1/scansSubmit your code for analysis. Bugrit runs 150 modules and generates a unified report.
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
applicationId | string | Yes | Your application ID |
sourceType | string | Yes | url, github, gitlab, upload, docker, npm, mobile |
targetUrl | string | If url | Live URL to scan |
repoUrl | string | If github/gitlab | Repository URL |
branch | string | No | Branch to scan (default: main) |
dockerImage | string | If docker | Docker image name |
npmPackage | string | If npm | npm package name |
Get Scan Status
Check Scan Progress
Monitor your scan and get results when complete.
Read the Bugrit Scans API at https://bugrit.com/docs/api-reference/scans
Build a function that waits for scan completion:
1. Takes scanId as parameter
2. Polls GET /api/v1/scans/{scanId} every 5 seconds
3. Returns when status is "completed" or "failed"
4. Includes timeout (max 10 minutes)
5. Returns the scan object with summary
Use async/await. Handle network errors gracefully.
My stack: [YOUR_STACK]👩💻 Technical Details (for developers)
GET
/api/v1/scans/:scanIdResponse (completed)
{
"scan": {
"id": "scn-xyz789",
"status": "completed",
"toolsTotal": 115,
"toolsCompleted": 115,
"reportId": "rpt-abc123",
"completedAt": "2026-01-19T10:30:47Z",
"summary": {
"critical": 2,
"high": 5,
"medium": 12,
"low": 28
}
}
}List Scans
View Scan History
Get a list of all your scans with filters.
Read the Bugrit Scans API at https://bugrit.com/docs/api-reference/scans Create a scan history table component: 1. Fetch GET /api/v1/scans with filters: - applicationId (optional): filter by app - status (optional): pending/running/completed/failed - limit: number of results 2. Display as table with columns: - Date (createdAt) - Status badge (color-coded) - Source type - Issue counts (summary.critical, high, etc.) 3. Click row to view full scan details 4. Add filter dropdowns for status and app Include pagination if many results. My stack: [YOUR_STACK]
👩💻 Technical Details (for developers)
GET
/api/v1/scansQuery Parameters
| Parameter | Type | Description |
|---|---|---|
applicationId | string | Filter by application |
status | string | pending, running, completed, failed |
limit | integer | Max results (default: 20) |
Cancel Scan
DELETE
/api/v1/scans/:scanIdCancel a running scan. Partial results may still be available.
Scan Status Values
| Status | Description |
|---|---|
pending | Scan queued, waiting to start |
running | 150 modules currently analyzing your code |
completed | All modules finished, report ready |
failed | Scan failed (check error field) |
canceled | Scan was canceled by user |